PackMan security (was: [Pythonmac-SIG] FAQ item)
Jack.Jansen at cwi.nl
Tue Jul 29 23:17:59 EDT 2003
On dinsdag, jul 29, 2003, at 21:29 Europe/Amsterdam, Bob Ippolito wrote:
> I'd also like to mention that there are some pretty *serious security
> flaws* with the current way Package Manager works that should be
> higher priority than making it pretty. We need to start a new thread
> discussing this.. is this the proper SIG for it?
I'm not sure what the right place to discuss this is. Let's keep it
here, for now.
I plan to do a PEP later, but as PackMan solves a real problem I didn't
want to get
bogged down by zillions of people all trying to bend PackMan to their
until 2.3 was out.
Let's hear about the security flaws. The only one I'm aware of is that
that is built in to packman isn't secure HTTP. From that point on I was
impression that everything was secure. Or, "secure", let me rephrase
is only one person you put your trust in, and that is the person who
- Jack Jansen <Jack.Jansen at oratrix.com>
- If I can't dance I don't want to be part of your revolution -- Emma
More information about the Pythonmac-SIG